On Mon, Oct 18, 2010 at 11:24 PM, James Purser <[email protected]> wrote: > Unfortunately not. > > There are a certain number of approved CA's which wave will recognise > (this is a feature of the JVM that wave runs in I believe), which > means that for federation, both servers need to be able to verify the > CA as approved.
StartCom is not one of the standard Java runtime CAs but Wave in a Box includes it, see: http://code.google.com/p/wave-protocol/source/browse/src/org/waveprotocol/wave/crypto/DefaultTrustRootsProvider.java?repo=libraries We chose StartCom because they have long worked together with the XMPP community to produce free XMPP certs: http://xmpp.net/issuance.shtml As it happens, StartCom is also trusted by many browsers: http://www.mozilla.org/projects/security/certs/included/ https://blog.startcom.org/?p=205 so it's also a good source of SSL certificates. On Tue, Oct 19, 2010 at 12:07 AM, Vega <[email protected]> wrote: > One more question - what about www.cacert.org signed certificates? > They are free as well. I don't think the standard Wave in a Box configuration includes CAcert as one of its default trust roots at the moment. Soren -- You received this message because you are subscribed to the Google Groups "Wave Protocol" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/wave-protocol?hl=en.
